Monday, April 28, 2025

Re: I need help with pf and smtpd.conf to deal with an ongoing attack on port 25 that is sending out emails.

On Mon, Apr 28, 2025 at 12:32:56PM +0000, ed bennett wrote:
> I only want to receive incoming emails and only send emails from the server itself,
> either with scripts or while logged on with ssh.
> I've completely blocked port 25 and the submission ports.
> With 25 open, I can't even log in and I have to use IPMI.
> First, what can I do with just pf? I haven't found any useful examples and it's not
> clear to me exactly how to only allow local connections to send out emails
> but still receive outside emails.

It is not clear from what you write just *how* you block or set anything to 'open'.

I tend to tell people who take our tutorials to copy the default /etc/pf.conf to somewhere
safe, then start with the even simpler

block
pass from self

Going from there, you could do worse than at least browse the PF user Guide https://www.openbsd.org/faq/pf/index.html
or for that matter go for the PF tutorial slides https://nxdomain.no/~peter/pf_fullday.pdf (which BTW
tend to be updated for each session) with links therein, including a certain book that appears
to have aged surprisingly well.

All the best,
Peter

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
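
One way the reply's two-line starting point could be extended toward the goal stated in the question (receive mail from outside, send only from the server itself), as an added example that is not part of the original message; the table name and the connection limits are assumptions:

```conf
# Added example, not from the original message. Table name and limits are assumed.
table <smtp_abuse> persist          # hypothetical table for hosts that exceed the limits

set skip on lo                      # leave loopback traffic unfiltered

block                               # default deny, as in the reply above
pass from self                      # traffic the server itself originates

# Drop hosts that tripped the limits below; "quick" stops rule evaluation here.
block in quick from <smtp_abuse>

# Admin access; "egress" is the interface group that holds the default route.
pass in on egress proto tcp to port ssh

# Inbound SMTP from the outside, with per-source limits (assumed values):
# at most 10 simultaneous connections and 5 new connections per 10 seconds.
pass in on egress proto tcp to port smtp \
        keep state (max-src-conn 10, max-src-conn-rate 5/10, \
        overload <smtp_abuse> flush global)
```

The syntax can be checked with `pfctl -nf /etc/pf.conf` before loading. pf only decides who may connect to port 25; whether smtpd relays mail for a connected client is decided by the match rules in smtpd.conf.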
